
I think Lotus Notes has a fascinating history, cryptographic shenanigans aside. As far as I'm aware it is still the most successful "offline first" / "local-first" application platform in widespread use today, complete with multi-master document replication, highly-configurable conflict resolution and rapid application development. These were revolutionary capabilities during the dialup era. The email client just happens to be the most popularly recognised groupware application outside of individual corporate firewalls.

The original vision was very lofty: https://web.archive.org/web/20180225100127/http://www.kapor....

"Notes should take the first major crack at the area of idea processors, textual databases, and hypertext systems."

I would love to see where an open source equivalent built for the modern age could take us... (CouchDB gave it a good shot!)



Still, I believe it's wrong to distract here from all the other important topics addressed by Ray Ozzie, who was aware of all the important issues even in 1996, and for historical context of the NSA key from the title, here is the relevant part from his speech he gave in 1996, about how Lotus implemented what was legally required from them:

"As you know, the U.S. government has defined its "maximum tolerance level" for exportable unescrowed cryptography at 40 bits. That is, because they generally permit the export of 40-bit products, the U.S. government is clearly already willing to deal with a 40-bit work factor in order to examine encrypted communications outside of this country.

So, the system that we're shipping in Lotus Notes Release 4 overseas is one that presents different work factors to different parties, hence the name.

Against crackers -- against the run-of-the-mill adversary trying to break a message -- the work factor is 64 bits, just like it is in the U.S. That is, in the new International Edition of Lotus Notes, bulk data keys are now 64 bits just as they are in our North American Edition that's sold in the U.S. and Canada.

But when the U.S. Government needs access to a communications stream overseas encoded by the international edition of Lotus Notes, they are no worse off - and no better off - than they are today - they have to crack 40 bits."

Since then, the goals of different interest groups haven't changed, and we all know about many new possibilities and about the surveillance actually being done and the dangers that the changes brought and can bring.

Other comments here in the other threads are about these more recent issues and the readers should note them too.


Duly noted - sorry for diluting attention.

Connecting both aspects though: arguably the failure of subsequent technologies to fulfill the decentralized Notes vision has facilitated the rise of extreme centralization and greatly exacerbated our privacy problems.


This compromise was also used by WebTV in Japan in 1997. I vaguely recall that client/server comms were protected by 56 bit symmetric encryption, and that in international mode, 16 bits of the session key were explicitly sent in cleartext to respect the 40 bit limit. WebTV in the USA was full strength crypto, at least as strong as the little MIPS processor in the settop box could manage.
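To make the arithmetic in the comment above concrete, here is an added example (not part of the thread, and not WebTV or Lotus code). It uses a constructed toy cipher, scaled down to a 20-bit key with 8 bits disclosed, to show that anyone who sees the cleartext bits only has to cover the undisclosed ones. The cipher, key and message are assumptions made for illustration.

```python
import hashlib

def toy_encrypt(key: int, key_bits: int, data: bytes) -> bytes:
    """XOR with a SHA-256-derived keystream (constructed toy cipher, max 32 bytes)."""
    stream = hashlib.sha256(key.to_bytes((key_bits + 7) // 8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def disclosed_bits(key: int, key_bits: int, n_disclosed: int) -> int:
    """The top n_disclosed bits of the session key, as sent in the clear."""
    return key >> (key_bits - n_disclosed)

def effective_bits(key_bits: int, n_disclosed: int) -> int:
    """Work factor left for a party that sees the disclosed bits."""
    return key_bits - n_disclosed

def search(ciphertext: bytes, known_plain: bytes, key_bits: int,
           n_disclosed: int, high: int):
    """Try only the undisclosed low bits; return (key, trials used)."""
    unknown = key_bits - n_disclosed
    for low in range(1 << unknown):
        candidate = (high << unknown) | low
        guess = toy_encrypt(candidate, key_bits, ciphertext[:len(known_plain)])
        if guess == known_plain:
            return candidate, low + 1
    return None, 1 << unknown

# Constructed, scaled-down parameters: 20-bit key, 8 bits disclosed.
KEY_BITS, DISCLOSED = 20, 8
KEY = 0xA5C3F
MESSAGE = b"constructed sample message"
CIPHERTEXT = toy_encrypt(KEY, KEY_BITS, MESSAGE)

def demo():
    """Recover the key from the disclosed bits plus 8 bytes of known plaintext."""
    high = disclosed_bits(KEY, KEY_BITS, DISCLOSED)
    return search(CIPHERTEXT, MESSAGE[:8], KEY_BITS, DISCLOSED, high)

if __name__ == "__main__":
    key, trials = demo()
    print(f"recovered {key:#x} in {trials} trials "
          f"(bound 2^{effective_bits(KEY_BITS, DISCLOSED)})")
    print("56-bit key, 16 bits in cleartext:", effective_bits(56, 16), "bits")
```
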


Claims that weak devices couldn't handle strong cryptography are mostly bogus.

Fun fact: The Atari 7800, designed in 1983, used a 956-bit Rabin signature to vendor lock games. Strong cryptography was unavailable for a long time primarily due to indifference, ignorance, and interference and not primarily due to computational limits.


> in 1983, used a 956-bit Rabin signature to vendor lock games.

But not to encrypt the communication -- that would have been, apparently, against the U.S. laws of that time.

> Strong cryptography was unavailable for a long time primarily due to indifference, ignorance, and interference and not primarily due to computational limits.

It's surely the "interference" in the form of the mentioned U.S. laws at the time, some other comments here detail the historical background.


I'm not aware of any law it would have been violating if it was encrypted in the US.

However, export was another matter and the export version of the 7800 left the crypto out!

In any case, my point was that weak crypto spanning into the late 90s was not a result of technical limitations.


> I'm not aware of any law it would have been violating if was encrypted in the US.

The laws as they were had exactly that effect: a lot of companies didn’t intend to have products sold solely in the US. And it was problematic enough that most companies avoided making a US-only version: even carrying such a product on a floppy disk while travelling outside of US could get you in trouble, see this article from 1995:

https://www.wired.com/1995/03/the-continuing-investigation-o...

The companies that did use strong crypto typically had the contracts with the military.


Sorry, we're talking in loops. The legal issue wasn't encryption vs other cryptography, it was export or not. 7800 did face that issue, and resolved it by making the non-US version not do the crypto. This was probably easier in their case due to PAL vs NTSC. :)

I think both of us might be making the error of correcting something the other person wasn't intending to comment on! :)

Some export complications around crypto exist to this very day-- at least for commercial hardware products. I've had to fill out the export forms myself, and not that many years ago.


> The legal issue wasn't encryption vs other cryptography, it was export or not

And I have never claimed anything else, it can be easily verified.


I was in IT support during the Notes era working alongside Notes devs. It was a grand vision. Perhaps too grand. Notes was supposed to do much more but I never saw it actually deliver in production. And between Exchange and GroupWise it got its ass kicked.


It couldn’t survive under IBM’s care as they declined, which was a shame.

I worked in places that did everything from comprehensive correspondence management to configurators for factory systems. It’s a pretty powerful set of tools.

The Microsoft world was much more primitive until the mid 2000s. GroupWise and Notes shops didn’t have the ridiculous mailbox size limitations that Exchange had up until about a decade ago. Even today, the dumpster fire that is SharePoint is arguably inferior to what Notes was shipping in 1996 in some ways.


Dumpster fires everywhere are offended that you’ve compared them to Sharepoint.


The myth that Sharepoint really, truly stinks and you should not use it even when your choices are dire, is as real and true as a dumpster fire.


I'll be honest the syntax of your sentence is so confusing you could tell me that you hate SharePoint or that you've made millions administering it and love it, and I would believe you either way.

That being said, I've worked on a handful of installations of various sizes, including large state governments and Fortune 500 company setups, and have never encountered one that wasn't a massive struggle to work with compared to just about any alternative solution.


I've never seen a product where even the people who run the platform pretty much hate it.

The only open question is whether Teams, which is at its heart a bizarre mashup of SharePoint and enterprise IM/Voice/Video, will eventually engender the same universal disdain.


SAP. In my whole career I've never heard of an SAP implementation described in terms other than "total nightmare".


Having seen at least three or four multinational-level SharePoint environments, I would strip them all back down to raw HTML with an ACL enforced editorial process. Then try again from scratch. I shudder to think of ever being a SharePoint admin.


Notes within IBM fulfilled its vision. Distributed apps running on the platform, making large use of replication and delivered as needed, were the norm.

It suffered from development inconsistency if anything, much like Java applets.

Turns out if some platform access is too easy, everyone starts publishing crapware.


Not open source, but it strikes me that Notion.so, Coda and AirTable might be examples of centralized, online "Notes-replacements", all inspired by how Google Docs (Writely) let you collaborate and perform conflict resolution in the cloud a bit over a decade ago.


Can't speak for the others, but Notion.so conflict resolution is significantly less sophisticated than Google Docs' operational transforms (I think that's what they're using).


True. Perhaps I overemphasized that because they're online collaboration tools. I haven't yet used them with multiple people in one "document".


It is last write wins at the block level. The unit of granularity is a property on a block, for example the entire text in a paragraph of text or the type of a block. For moving or adding blocks in lists, the operation is "place after object id XXX", so there are a few edge cases where someone else deletes or moves the block right before the target location. If the preceding block is missing from the list, they place the moved/new block at the end. (There is also a 'listBefore' operation that is used at the beginning of the page.)

If you're online, the rough edges are plastered over a little by timely updates, but working offline would amplify them a bit.
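The merge rules described in the comment above, as an added sketch (not part of the thread and not Notion's code). The operation format, the `listAfter` name, the timestamps and the sample blocks are assumptions; only `listBefore` and the "missing predecessor goes to the end" rule come from the comment.

```python
def merge(blocks, order, ops):
    """Replay ops in timestamp order: last write wins per (block, property)."""
    blocks = {bid: dict(props) for bid, props in blocks.items()}
    order = list(order)
    for op in sorted(ops, key=lambda o: o["ts"]):
        kind, bid = op["kind"], op["id"]
        if kind == "set":
            # Whole-property overwrite: a later write replaces the entire
            # paragraph text, there is no character-level merge.
            if bid in blocks:
                blocks[bid][op["prop"]] = op["value"]
        elif kind == "delete":
            blocks.pop(bid, None)
            if bid in order:
                order.remove(bid)
        elif kind in ("listAfter", "listBefore"):
            blocks.setdefault(bid, {})
            if bid in order:
                order.remove(bid)          # a move is remove + re-insert
            if op["target"] in order:
                pos = order.index(op["target"]) + (kind == "listAfter")
                order.insert(pos, bid)
            else:
                # Target vanished (deleted or moved away by someone else):
                # the block is placed at the end of the list.
                order.append(bid)
    return blocks, order

# Constructed sample: Alice was offline, Bob was online.
BLOCKS = {"a": {"type": "text", "text": "original"},
          "b": {"type": "text", "text": "second"},
          "c": {"type": "text", "text": "third"}}
ORDER = ["a", "b", "c"]
OPS = [
    {"ts": 1, "kind": "set", "id": "a", "prop": "text", "value": "Alice draft"},
    {"ts": 2, "kind": "set", "id": "a", "prop": "text", "value": "Bob draft"},
    {"ts": 3, "kind": "set", "id": "a", "prop": "type", "value": "heading"},
    {"ts": 4, "kind": "delete", "id": "b"},
    {"ts": 5, "kind": "listAfter", "id": "d", "target": "b"},
]

def demo():
    return merge(BLOCKS, ORDER, OPS)

if __name__ == "__main__":
    merged_blocks, merged_order = demo()
    print(merged_order, merged_blocks["a"])
```

Alice's paragraph edit is silently replaced by Bob's later write, her change to a different property survives, and her new block lands at the end because its anchor was deleted first.
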


CouchDB is still thriving. It's adopting FoundationDB in 4.0... https://www.youtube.com/watch?v=SjXyVZZFkBg good talk on that here at FoundationDB Summit


This backdoor would be the equivalent of a combined Outlook and a .NET app being compromised.

It might be hard to imagine the scope that Notes encompassed in its day... it simultaneously provided mobile, offline first apps with usable data replication.. among a few features that might be surprising:

Notes had a few more unique features that modern devs might cringe to hear aren’t all that new:

- Notes provided early NoSQL/relational data. Everything was a document and have fun stitching it all together in views. The NotesSQL layer would add an ODBC based layer to simulate relational dbs.

- When Lotus added Domino to Notes, it was among the first that could deliver the same Lotus Notes code to a web application. Early write once, deploy anywhere (woda). Existing apps that only ran inside Notes now worked in a web browser.

All this.. for a piece of software that was originally an email server and built workflow around it. All compromised.


"[O]riginally an email server" gets it rather backwards. It was more like a BBS/forum hosting platform that had messaging between boards (databases), with user email as a special case.


Fair..

Notes for email / groupware was a common implementation, and it was more capable than alternatives like Exchange, Novell Groupware, because of the application building abilities of Notes.


While interesting, this is way off topic and should not be rated above discussion about the nefarious cryptographic behaviour of the business.


> nefarious cryptographic behaviour of the business.

It was not just "business" then: the export of strong encryption had the same status as the export of weapons in the U.S. laws at that time. See the other threads here.


I strongly agree! When I was first thrust into Notes administration (version 3 no less!) I hated it. But combined with version 4 and using it more, the power hiding behind the ugly GUI became more and more apparent. I've yet to find a system that can handle unstructured data or workflows with field level replication, role based security and encryption as quickly or as elegantly as with Lotus Notes - UI warts and all. Indeed I have some workflows that I could probably automate myself in a week or so but am in the process of getting dev support to accomplish some other way.

It's too bad IBM didn't really fix the non-Windows feel of Notes until version 8. By then Exchange had clearly won - should have never happened. The Notes server back end is still far more robust than Exchange. Oh well...


Hated Notes. I left companies because of it.


As mentioned in The Friendly Orange Glow, it was started by people who worked on the PLATO system at the University of Illinois which added its Notes discussion system in 1973. PLATO ran until 2015.


You should check out Couchbase Mobile and Couchbase Enterprise Edition then!


Just don't use Couchbase for larger amounts of data. In fact as a database it is mediocre at best. NoSQL, when it even works, is slow. Bulk operations are slow. Memcache backend gets constantly killed by oom killer. Rebalancing cluster is manual. Indices don't work. Timeouts are specified in microseconds. Documentation is lacking. Maybe that's changed since 5.3, but bad taste lingers on.


Try RavenDB, also multi master replication and has all the store mentioned capabilities


There isn't a 5.3 of Couchbase Server...


My bad, memories fade. It was 5.1.3 then, I think. I remember upgrading the cluster to 5.5 with some pain and fear of data loss, however the concrete version I was upgrading from eludes me.



